Hello,
After I changed to 3.2.4 RC it had been a huge rase on incoming spam mails. I don't know if it's been related, it might be because of the bayes_00 scoring negative points. I wrote spam check status below.
I experienced a similar issue for one of my users (Im still running Spamblocker 2)
It seems that bayes autolearn=ham feature got corrupted by some spam emails that managed to look legitimate enough to get past the spam filters.
You have two options:
1) For each domain that is effected, go through their spam folder and find messages with autolearn=ham Now run sa-learn to mark those as spam to get bayes to learn its mistakes.
Example of using sa-learn:
sudo -u username -H sa-learn --dump magic
sudo -u username -H sa-learn --no-sync --showdots --spam /home/username/imap/domain.com/user/Maildir/.INBOX.spam/cur/
sudo -u username -H sa-learn --sync
sudo -u username -H sa-learn --dump magic
Use the outputs from dump magic to compare the tokens before and after.
2) Now if you have lots of domains that are experiencing this issue, it might be best to simply erase the bayes database for those domains. I believe you can do this by logging into directadmin CP, logging in as that user. Somewhere in spamassassin settings.
---
I also created a temporary rule in /etc/mail/spamassassin/local.cf
score BAYES_00 -0.5
To make the BAYES_00 have less weight while the issue gets sorted out.